This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
sidlab1584
Explorer
‎2024-03-14 01:01 PM
Jump to solution

Mgmt_cli show access-rule base issue

I am trying to export 0 hit rules, I found some old discussion. and articles  

Solved: Re: Export of rules with zero hits in dashboard - Check Point CheckMates

Solved: Disable/Delete Rules with a Zero Hit Count (MDS or... - Check Point CheckMates

 

My environment is MDS, I have inline policy layers. When I run mgmt_cli , I can see the packages

 

[Expert@MDS-01:0]# mgmt_cli -r true --port 443 show packages -d "172.16.31.117" --format json | jq '.packages[] | .name' | sed 's/\"//g'
EXT-OTT
Standard

 

However, when I try to see the rule base, it says object not found. 


[Expert@MDS-01:0]# mgmt_cli show access-rulebase offset 0 limit 20 name "EXT-OTT" details-level "standard" use-object-dictionary true
Username: admin
Password:
code: "generic_err_object_not_found"
message: "Requested object [EXT-OTT] not found"

[Expert@MDS-01:0]# ^C
[Expert@MDS-01:0]# mgmt_cli -r true --port 443 show access-rulebase name "EXT-OTT" -d "172.16.31.117" show-hits true --format json limit 50000
{
"code" : "generic_err_object_not_found",
"message" : "Requested object [EXT-OTT] not found"

 

What am I missing here?

Sorry I am new to API calls and programming; I work mostly on firewalls. 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2024-03-14 05:48 PM
Jump to solution

EXT-OTT is the name of the policy package, which is made up of one or more policy layers.
The layers are where the policy is defined.

To get the top-level layers involved: mgmt_cli --format json --session-id xxx show package name Standard | jq '."access-layers"[]'
You can then look at the correct rulebase: mgmt_cli --format json --session-id xxx show access-rulebase uid 6a5b4108-a94e-4f5d-974b-8d8c431fdd5f

Do not use the "limit" parameter to exceed the specification in the API documentation as it is not guaranteed to return all the requested results and may result in performance issues (500 is max for show access-rulebase).
Also, if you have inline layers, you will have to parse the results to find out what inline layer is referenced and do a show access-rulebase on those as well.

View solution in original post

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2024-03-14 05:48 PM
Jump to solution

EXT-OTT is the name of the policy package, which is made up of one or more policy layers.
The layers are where the policy is defined.

To get the top-level layers involved: mgmt_cli --format json --session-id xxx show package name Standard | jq '."access-layers"[]'
You can then look at the correct rulebase: mgmt_cli --format json --session-id xxx show access-rulebase uid 6a5b4108-a94e-4f5d-974b-8d8c431fdd5f

Do not use the "limit" parameter to exceed the specification in the API documentation as it is not guaranteed to return all the requested results and may result in performance issues (500 is max for show access-rulebase).
Also, if you have inline layers, you will have to parse the results to find out what inline layer is referenced and do a show access-rulebase on those as well.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events